CVE-2020-37190

Top Password Firefox Password Recovery 2.8 - Denial of Service

CVSS 4.6 MEDIUMEPSS 0.3%CWE-120

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 4.6EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

11 Feb 2026Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Top Password Firefox Password Recovery 2.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing input fields. Attackers can trigger the vulnerability by inserting 5000 characters into the User Name or Registration Code input fields.

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected products

Top Password Software · Top Password Firefox Password Recovery

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.exploit-db.com/exploits/47912 https://www.top-password.com/https://www.vulncheck.com/advisories/top-password-firefox-password-recovery-denial-of-service